﻿Public Class clssIdentidad
    Implements System.Security.Principal.IIdentity

    Private intActivo As Integer
    Public sSalt As String
    Public Shared sEspecilidad As String
    Public Shared sID As String
    Private intRolEM As Integer

    Private sNombre As String
    Private blnAutenticado As Boolean
    Private objRole As ApplicationServices.BuiltInRole

    Public ReadOnly Property AuthenticationType() As String Implements System.Security.Principal.IIdentity.AuthenticationType
        Get
            Return "SqlDatabase"
        End Get
    End Property

    Public ReadOnly Property IsAuthenticated() As Boolean Implements System.Security.Principal.IIdentity.IsAuthenticated
        Get
            Return blnAutenticado
        End Get
    End Property

    Public ReadOnly Property Name() As String Implements System.Security.Principal.IIdentity.Name
        Get
            Return sNombre
        End Get
    End Property

    Public ReadOnly Property Role() As ApplicationServices.BuiltInRole
        Get
            Return objRole
        End Get
    End Property

    Public Sub New(ByVal name As String, ByVal password As String)
        ' The name is not case sensitive, but the password is.
        If IsValidNameAndPassword(name, password) Then
            sNombre = name
            blnAutenticado = True
            objRole = ApplicationServices.BuiltInRole.Administrator
        Else
            sNombre = ""
            blnAutenticado = False
            objRole = ApplicationServices.BuiltInRole.Guest
        End If
    End Sub

    Private Function IsValidNameAndPassword(ByVal username As String, ByVal password As String) As Boolean
        ' Look up the stored hashed password and salt for the username.
        Dim storedHashedPW As String = GetHashedPassword(username)
        'Dim salt As String = GetSalt(username)

        'Create the salted hash.
        Dim rawSalted As String = clssEncripto.Encrypt(Trim(password), sSalt)
        'Dim saltedPwBytes() As Byte = System.Text.Encoding.Unicode.GetBytes(rawSalted)
        'Dim sha1 As New System.Security.Cryptography.SHA1CryptoServiceProvider
        'Dim hashedPwBytes() As Byte = sha1.ComputeHash(saltedPwBytes)
        'Dim hashedPw As String = Convert.ToBase64String(hashedPwBytes)

        ' Compare the hashed password with the stored password.
        Return rawSalted = storedHashedPW
    End Function

    Private Function GetHashedPassword(ByVal username As String) As String
        ' Code that gets the user's hashed password goes here.
        ' This example uses a hard-coded hashed passcode.
        ' In general, the hashed passcode should be stored 
        ' outside of the application.

        Dim dstRecord As New DataSet
        Dim strPwd As String = ""

        dstRecord.Tables.Add("Usuario")
        mdlCRUD.loadRecord(dstRecord, "Usuario", "usuario", "LOWER(usuario_login) = '" & Trim(username).ToLower & "'", Nothing)

        If dstRecord.Tables("Usuario").Rows.Count > 0 Then
            Dim arrRow As Array
            arrRow = dstRecord.Tables("Usuario").Rows(0).ItemArray.ToArray
            strPwd = arrRow(7).ToString
            sSalt = arrRow(3).ToString
            intRolEM = arrRow(2).ToString
            sEspecilidad = arrRow(2).ToString
            sID = arrRow(0).ToString
        End If

        Return strPwd
    End Function

    Private Function GetSalt(ByVal username As String) As String
        ' Code that gets the user's salt goes here.
        ' This example uses a hard-coded salt.
        ' In general, the salt should be stored 
        ' outside of the application.
        If Trim(username).ToLower = "testuser" Then
            Return "Should be a different random value for each user"
        Else
            Return ""
        End If
    End Function
End Class
